function AddAccessRights{

    param ($Object,
    [System.Security.Principal.NTAccount]$Identity,
    [System.Security.AccessControl.FileSystemRights]$AccessMask, 
    [System.Security.AccessControl.AccessControlType]$Type) 

    $InheritanceFlags = `
        [System.Security.AccessControl.InheritanceFlags]`
        "ContainerInherit, ObjectInherit"
    $PropagationFlags = `
        [System.Security.AccessControl.PropagationFlags]"None" 

    # Get the security descriptor for the object
    $SD = get-acl $Object 

    # Add the AccessRule
    $Rule = new-object `
        System.Security.AccessControl.FileSystemAccessRule($Identity, `
        $AccessMask, $InheritanceFlags, $PropagationFlags, $Type)    

    $SD.AddAccessRule($Rule)
    set-acl $Object $SD

}


#Open Files Path
$filesPath = (resolve-path "..\solution\LitwareHR\LitwareHR.Portfolio.SecureHost\Files")

get-childItem -path $filesPath -recurse | where {$_.attributes -ne "Directory"} | foreach ($_) {Set-ItemProperty $_.fullname -name "IsReadOnly" -value $false -force}


#Add FullControl Rights to Files folder for NETWORK SERVICE account
$fullControlRight = [System.Security.AccessControl.FileSystemRights]::FullControl
$allowAccess = [System.Security.AccessControl.AccessControlType]::Allow
$networkServiceAccount = new-object -typeName "System.Security.Principal.NTAccount" "NETWORK SERVICE"
AddAccessRights $filesPath $networkServiceAccount $fullControlRight $allowAccess
